
Issue #4, November 2005

Slack Tips

In this issue, you will find the following materials:

Stopping SSH attacks with iptables

From: Dominik L. Borkowski
Newsgroups: alt.os.linux.slackware
Date: Wed, 12 Oct 2005 07:21:43 -0400
Subject: Re: ssh attacks
(Original post)

reclusive monkey wrote:
> Someone has been making a crude attempt to login to my server via SSH.
> I have all the IPs in my logs, but I am asking whether it's worth even
> reporting it. What is the general consensus of opinion, is it worth
> bothering with? There doesn't seem to be anything untoward going on,
> neither do they seem to have succeeded.

As others have stated, those are bots. Submitting logs is often worthless; I've learned that 9 out of 10 'other sysadmins' do not care. In fact, if they cared, more often than not they would have prevented that from happening in the first place.

Now, regarding how to deal with this annoyance. Try this, and I assure you, it works:

   iptables -A INPUT -p tcp -i eth0 -m state --state NEW \
      --dport 22 -m recent --update --seconds 15 -j DROP
   iptables -A INPUT -p tcp -i eth0 -m state --state NEW \
      --dport 22 -m recent --set -j ACCEPT

Give it a whirl, you'd be surprised.
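
Added example, not part of the original post: a small shell/awk model of how the two rules above treat repeated connections from one address. It also compares `--update` with the recent module's `--rcheck` option, which the post does not use. The addresses and timestamps are constructed sample data, and the function names are hypothetical.

```shell
#!/bin/sh
# Added illustration: a model of the two rules above, not the kernel's code.
# Input lines: "<seconds> <source-ip>", one per NEW connection to port 22.
# mode "update" mirrors --update (a match refreshes the stored timestamp);
# mode "rcheck" mirrors the recent module's --rcheck (a match leaves it alone).

simulate_recent() {   # usage: simulate_recent <window-seconds> <update|rcheck>
    awk -v window="$1" -v mode="$2" '
    {
        t = $1; ip = $2
        if ((ip in last) && (t - last[ip] < window)) {
            # Rule 1 matched: seen within the window, so the packet is dropped.
            if (mode == "update") last[ip] = t
            print t, ip, "DROP"
        } else {
            # Rule 1 did not match; rule 2 (--set) records the address and accepts.
            last[ip] = t
            print t, ip, "ACCEPT"
        }
    }'
}

count_drops() {       # usage: count_drops <window-seconds> <mode> ; events on stdin
    simulate_recent "$1" "$2" | grep -c ' DROP$'
}

# Constructed sample: 192.0.2.10 retries every few seconds, 198.51.100.7
# connects twice, 37 seconds apart.
SAMPLE_EVENTS='0 192.0.2.10
3 198.51.100.7
5 192.0.2.10
10 192.0.2.10
20 192.0.2.10
30 192.0.2.10
40 198.51.100.7
50 192.0.2.10'

printf '%s\n' "$SAMPLE_EVENTS" | simulate_recent 15 update
```

Under `--update` every dropped attempt refreshes the timestamp, so a client that keeps retrying stays blocked until it has been quiet for the full 15 seconds; a legitimate user who reconnects too quickly is held to the same rule.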


Scan HorizSync and VertRefresh?

From: Henrik Carlqvist
Newsgroups: alt.os.linux.slackware
Date: Sun, 19 Jun 2005 01:23:25 +0200
Subject: Re: Scan HorizSync and VertRefresh?
(Original post)

> Is there some nifty little command line app around
> to fetch these values somehow?

Yes, there is. It is called read-edid and you can get it from http://john.fremlin.de/programs/linux/read-edid/.

I have written some custom installation scripts for Slackware which use that program to do the following:

1. File SetMonitor which is located in initrd.img in usr/lib/setup.

At first the script above attempts to use read-edid to get the values from the monitor. If that fails it uses a dialog to ask the user during installation.

At a later stage during installation a script from a custom package is called, that script looks like this:

2. File setup.xconfig installed in /var/log/setup on target drive.

The above files were written for Slackware 9.1 with XFree86. Since then I have updated this custom 9.1 installation to use X.org instead and I only had to do some minor modifications to the last script. By reading the scripts above I think you get the idea. You might not want to use them unmodified as they will configure X with a Swedish keyboard :-)


Slackware installation scripts

From: Henrik Carlqvist
Newsgroups: alt.os.linux.slackware
Date: Fri, 01 Jul 2005 08:19:45 +0200
Subject: Re: i need to find where some programs are in slackware source pkgs
(Original post)

> I like to translate Slackware installation scripts into Turkish.
> I found pkgtools. But I do not know where is the setup that installs
> the whole system at first.
>
> If you know where is it, please tell me

I suppose that you want to translate the scripts that are running during Slackware installation?

In the isolinux directory of your installation CD there is a file called initrd.img. That compressed file contains your root file system during install. Do the following:

   cp initrd.img /tmp/initrd.gz
   cd /tmp
   gzip -d initrd.gz
   mount -o loop initrd /mnt/hd
   cd /mnt/hd/somewhere/i/forgot/where [*]

There you will find the installation scripts. All the scripts are called from the setup script and are in the same directory. However, some packages also contain their own scripts which are run after the packages are installed. Examples of such scripts are the scripts for selecting a window manager, the script for installing the bootloader and the script for selecting a root password.

[*] Editor's remark: /mnt/hd/etc/rc.d and /mnt/hd/usr/lib/setup.


Setting LANGUAGE-variables via window-manager

From: Henrik Carlqvist
Newsgroups: alt.os.linux.slackware
Date: Mon, 08 Aug 2005 22:27:53 +0200
Subject: Re: Setting LANGUAGE-variables via window-manager
(Original post)

Gauthier wrote:
> I'm French-speaking, and, typing set in a xterm, I've such variables
> concerning locales:
>
> LANG=fr
> LANGUAGE=fr
> LC_ALL=fr_BE
> LC_CTYPE=ISO-8859-1
> LC_MESSAGES=fr
>
> When I run an application from an xterm, it's well localized, for
> example, I get Gimp with all the menus in French.
>
> But that's not the case when the application is started via the menus
> of my window manager (I use fvwm2), and I get all apps in English.
>
> Does someone know how to fix that?

The way to fix it is to make sure that the same variables are set before your window manager starts. How this is done might depend on how you start X.

If you first log in to a text console and then start X with "startx" you could create yourself a ~/.xinitrc file which should look similar to /etc/X11/xinit/xinitrc but the variables above should be set before the window manager is started.

If you log in directly with a graphical environment with something like xdm, gdm or kdm you should probably instead get yourself a ~/.xsession where you instead could get inspiration from /etc/X11/xdm/Xsession.

If you have the bash shell it might also be possible to put the above commands in ~/.profile.


Recovering from boot failure: example

From: Grant Coady
Newsgroups: alt.os.linux.slackware
Date: Fri, 10 Jun 2005 08:30:22 +1000
Subject: Recovering from boot failure: example...
(Original post)

Hi there,

I'll share this as the question appears frequently.

Last night I installed slack-10.1 to an old pII/266 box, bare metal install to 13GB HDD. Too tired, I shut down midway through setting up a custom kernel. This morning, turn on machine, am greeted by:

Loading SlackEBDA is big; kernel setup stack overlaps LILO second stage.

Oops? WTF? What I'd done is upgrade kernel to 2.4.31 from slack-current and forgot to run lilo :(

Fix? Easy! Boot from install CD, fdisk -l, then I remember why I'm in habit of marking '/' or '/boot' 'active'—reminds me where to start search for current distro :) In this case the '*' was a 3GB /dev/hda3, has to be /.

Mount /dev/hda3 to /mnt, chroot to /mnt, edit /etc/lilo.conf [1], run 'lilo -v' successfully [2], exit, reboot, all fixed :o)

[1] I do not use /boot symlinks, so I append "-ide-2.4.31" to vmlinuz; most will not need to perform this step.

Similar issue if using separate /boot and slack install confused, edit lilo.conf and tell it correct boot + root locations [*], run lilo -v, reboot.

[2] Ignore lilo's warning message re: /proc not mounted, harmless.

[*] Editor's remark: The 'root' record in lilo.conf should point to the root partition.


On bsdgames and profile.d/

Newsgroups: alt.os.linux.slackware
Date: Sat, 09 Jul 2005 12:30:49 -0500
Subject: Re: 2 tiny newb problems
(Original post)

>> 1. When selecting 'logout - Turn off computer' from KDM, I'm taken
>> to a 'power down' prompt, where Mandrake 10.1 goes a step further and
>> switches the computer off. Is it possible for Slackware to do this?

Thomas Overgaard: As root run '/sbin/modprobe apm' and if this has the effect you want then edit /etc/rc.d/rc.modules and remove the # from the line with this command.

Alan Hicks: APM is an old power management function available as a module in the kernel. About all it ever does these days is turn off a computer. Most people that require power management to do anything more than turn the box off (example: all laptop users) use ACPI, which is another (more powerful) power manager, though not quite so universally supported.

By inserting that module into your kernel, the kernel now has the ability to tell the motherboard to tell the power supply to turn off.

>> 2. How do I stop those 'amusing' random quotes each time I open a
>> console (something to do with fortune)?

Thomas Overgaard: Again as root remove the executable bit from /etc/profile.d/bsdgames.sh this way: 'chmod a-x /etc/profile.d/bsdgames.sh'

Alan Hicks: This works because most shells look at a file called /etc/profile for some sensible defaults. Unless I miss my guess, you're using bash, and bash is definitely one of those shells. Inside /etc/profile you'll find a section that looks like this:

   # Append any additional sh scripts found in /etc/profile.d/:
   for profile_script in /etc/profile.d/*.sh ; do
     if [ -x $profile_script ]; then
       . $profile_script
     fi
   done
   unset profile_script

Basically that says for anything in /etc/profile.d/ that ends with ".sh", execute it.


